AWS guardduty documentation change
Summary
Added documentation history entry for updated Malware Protection for S3 functionality, noting that EventBridge notifications now include a statusReasons field when scans are skipped
Security assessment
This change documents an enhancement to GuardDuty's malware protection feature, which is a security service. The addition of statusReasons field improves transparency about why S3 object scans are skipped, helping users understand security scan outcomes better. However, there is no evidence this addresses a specific security vulnerability.
Diff
diff --git a/guardduty/latest/ug/doc-history.md b/guardduty/latest/ug/doc-history.md index 49b1fea6f..aa0bdbee2 100644 --- a//guardduty/latest/ug/doc-history.md +++ b//guardduty/latest/ug/doc-history.md @@ -12,0 +13 @@ Change| Description| Date +Updated functionality - Malware Protection for S3| The EventBridge notification for S3 object scan results now includes a `statusReasons` field in `scanResultDetails` when a scan is skipped. This field provides the specific reason why the scan was skipped. For more information, see [S3 object potential scan status and result status](https://docs.aws.amazon.com/guardduty/latest/ug/monitoring-malware-protection-s3-scans-gdu.html#s3-object-scan-result-value-malware-protection).| April 10, 2026